package com.example.vault.config;

import org.springframework.beans.factory.annotation.Value;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.core.io.FileSystemResource;
import org.springframework.vault.authentication.ClientAuthentication;
import org.springframework.vault.authentication.ClientCertificateAuthentication;
import org.springframework.vault.authentication.TokenAuthentication;
import org.springframework.vault.client.VaultEndpoint;
import org.springframework.vault.config.AbstractVaultConfiguration;
import org.springframework.vault.support.SslConfiguration;

import java.net.URI;

/**
 * 用基于Java的bean元数据注册Spring Vault对象
 */
@Configuration
public class VaultConfig extends AbstractVaultConfiguration {

    @Value("${vault.token}")
    String token;
    @Value("${vault.uri}")
    URI vaultUri;

    /**
     * Specify an endpoint for connecting to Vault.
     */
    @Override
    public VaultEndpoint vaultEndpoint() {
//        创建一个VaultEndpoint默认指向的新点https://localhost:8200。
//        return new VaultEndpoint();
        return VaultEndpoint.from(vaultUri);
    }

    /**
     * Configure a client authentication.
     * Please consider a more secure authentication method
     * for production use.
     */
    @Override
    public ClientAuthentication clientAuthentication() {
//        String property = getEnvironment().getProperty("vault.token");
        return new TokenAuthentication(token);
    }
//    @Override
//    public ClientAuthentication clientAuthentication() {
//        return new ClientCertificateAuthentication(restOperations());
//    }
//    @Bean
//    public SslConfiguration SslConfiguration() {
//        SslConfiguration sslConfiguration = SslConfiguration.forKeyStore(new FileSystemResource(keyStore), keyStorePassword);
//        return sslConfiguration;
//    }
}